Can Your Trust Your Software?
I’ve just come across this horror story about G-Archiver, a windows shareware which backs up your gmail account to your local hard drive but also emails your username and password to the creator!
When we initially launched AllPeers, the client was not open-source but we always said our goal was to do it. At the time, the source code was not clean enough to open but we knew this was the only way for us to prove we were genuine and not planning on spying on our users.
When we finally opened the code, some people saw it as a desperate move on our part. It was not. It was a way for us to be transparent and to say “if you don’t trust us, just look at our code”.
There are a lot of advantages about developing open-source software but trust and security are certainly high on the list.
Now forget about open-source software and think about all these websites who ask you for your login credentials in order to “import your contacts”. Can you really trust them and if so how? How paranoiac are you about this? I usually tend to trust the sites but is a nice design and a groovy name enough to earn my trust when it comes to my email credentials?
2 Comments »
Trackback URL RSS feed for comments on this post.
Leave a comment
Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>
I must be paranoid because I much prefer to type in my contact lists rather than give away my passwords. Setting up fake business networking sites in order to collect passwords - what an easy scam to play on somewhat IT savvy business guys!
Comment by Julia — 3/30/2008 @ 11:26 pm
Actually I can not trurt my software.The best way is keeping password in a crypted file
Comment by Redtube — 6/8/2008 @ 12:21 pm